<?php
/**
 * @version   $Id: index.php 1 13:41 2010年7月26日 $
 * @package   DedeCMS.Install
 * @founder   IT柏拉图, https://weibo.com/itprato
 * @author    DedeCMS团队
 * @copyright Copyright (c) 2007 - 2021, 上海卓卓网络科技有限公司 (DesDev, Inc.)
 * @license   http://help.dedecms.com/usersguide/license.html
 * @link      http://www.dedecms.com
 */
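// Lift the execution time limit: step 4 replays whole SQL files inside a single request.
@set_time_limit(0);
// NOTE(review): `E_ALL || ~E_NOTICE` is a logical OR, so PHP receives boolean true, which
// coerces to 1 (E_ERROR only) rather than the mask `E_ALL & ~E_NOTICE` would produce.
// Left unchanged on purpose: widening the level would start surfacing warnings from the
// unchecked variable reads further down, and with display_errors enabled those messages
// can disclose filesystem paths. Decide the level deliberately before changing it.
error_reporting(E_ALL || ~E_NOTICE);

// Installer-owned state. These variables are assigned BEFORE request parameters are copied
// into the global scope further down, so that import step must refuse to overwrite them;
// otherwise none of them can be treated as trusted by the step handlers.
$verMsg = 'V5.8.1';
// Response charset; also becomes part of the demo-data file name requested in step 11.
$s_lang = 'utf-8';
// presumably the default database name offered by the step-3 form - confirm in the template
$dfDbname = 'dedecmsv58';
$errmsg = '';
// Demo SQL dump, addressed relative to the current working directory.
define('INSTALL_DEMO_NAME', 'dedev58demo.txt');
// Presence of this file is what blocks every later run of the installer.
define('INSLOCKFILE', dirname(__FILE__) . '/install_lock.txt');

// PHP file that step 4 generates to hand the selected modules to the module installer.
$moduleCacheFile = dirname(__FILE__) . '/modules.tmp.inc';

define('DEDEINC', dirname(__FILE__) . '/../include');
define('DEDEINSTALL', dirname(__FILE__) . '/../install');
define('DEDEDATA', dirname(__FILE__) . '/../data');
// Strip only the trailing "/install" (or "\install") component. The earlier pattern was
// unanchored and removed every occurrence, so a parent directory whose name merely starts
// with "install" produced a wrong root path.
define('DEDEROOT', preg_replace('#[\\\\/]install$#', '', dirname(__FILE__)));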

// Announce the response charset before any template output is produced.
header('Content-Type: text/html; charset=' . $s_lang);

// Installer helpers and the zip class. RunMagicQuotes(), used right after these includes,
// is not defined in this file - presumably it comes from install.inc.php.
require_once DEDEROOT . '/install/install.inc.php';
require_once DEDEINC . '/zip.class.php';

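// Copy request parameters into global variables (a register_globals emulation). The step
// handlers below read $step, $dbhost, $dbname, $modules, ... from here. Sources are applied
// in order, so COOKIE overrides POST, which overrides GET.
//
// Names this script assigned before reaching this point, and any name that looks like a
// superglobal, are skipped so that a request cannot replace installer-owned state such as
// the module cache path or the response charset. Keep $_reserved in sync with the
// variables initialised at the top of the file.
$_reserved = array('verMsg', 's_lang', 'dfDbname', 'errmsg', 'moduleCacheFile', 'GLOBALS', 'this');
foreach (array('_GET', '_POST', '_COOKIE') as $_request) {
    foreach ($$_request as $_k => $_v) {
        // Numeric request keys arrive as integers; normalise before inspecting the name.
        $_k = (string) $_k;
        if ($_k === '' || $_k[0] === '_' || in_array($_k, $_reserved, true)) {
            continue;
        }
        // NOTE(review): RunMagicQuotes() is defined outside this file; the SQL statements and
        // generated PHP files in step 4 rely on whatever escaping it applies - confirm it.
        ${$_k} = RunMagicQuotes($_v);
    }
}
unset($_reserved);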

require_once DEDEINC . '/common.func.php';

// Stop here once an installation has completed. Within this file the lock file is the only
// check standing in front of the step handlers, so it must exist and must not be removable
// through the web server.
if (file_exists(INSLOCKFILE)) {
    exit(" 程序已运行安装，如果你确定要重新安装，请先从FTP中删除 install/install_lock.txt！");
}

// A missing or empty step parameter starts the wizard at the licence page.
$step = empty($step) ? 1 : $step;

// "Host address" in the original comment, but this is the address of the requesting client
// (REMOTE_ADDR, falling back to REMOTE_HOST), not of the server.
if (empty($_SERVER['REMOTE_ADDR'])) {
    $sp_host = $_SERVER['REMOTE_HOST'];
} else {
    $sp_host = $_SERVER['REMOTE_ADDR'];
}

// PHP version
$phpv = PHP_VERSION;

/*------------------------
Licence agreement
function _1_Agreement()
------------------------*/
// $step is either the integer default or a request-supplied string, hence the loose comparison.
if ($step == 1) {
    // Render the agreement page and stop; no installer state is changed in this step.
    include './templates/step-1.html';
    exit;
}
/*------------------------
Environment check
function _2_TestEnv()
------------------------*/
else if ($step == 2) {
    // Values below are prepared for step-2.html; the status strings are ready-made markup.
    $sp_os = PHP_OS;
    $sp_gd = function_exists('gd_info') ? '<font color=green>[√]On</font>' : '<font color=red>[×]Off</font>';

    // NOTE(review): these two come from the web server environment; how step-2.html prints
    // them is not visible here - make sure the template escapes them.
    $sp_server = $_SERVER['SERVER_SOFTWARE'];
    $sp_name = $_SERVER['SERVER_NAME'];
    $sp_max_execution_time = ini_get('max_execution_time');

    // allow_call_time_pass_reference and safe_mode no longer exist as of PHP 5.4, so on
    // current PHP both ini_get() calls return false and the "Off" text is shown.
    if (ini_get('allow_call_time_pass_reference')) {
        $sp_allow_reference = '<font color=green>[√]On</font>';
    } else {
        $sp_allow_reference = '<font color=red>[×]Off</font>';
    }

    if (ini_get('allow_url_fopen')) {
        $sp_allow_url_fopen = '<font color=green>[√]On</font>';
    } else {
        $sp_allow_url_fopen = '<font color=red>[×]Off</font>';
    }

    // Colours are inverted for safe_mode: enabled is flagged red, disabled green.
    if (ini_get('safe_mode')) {
        $sp_safe_mode = '<font color=red>[×]On</font>';
    } else {
        $sp_safe_mode = '<font color=green>[√]Off</font>';
    }

    if (function_exists('mysqli_connect')) {
        $sp_mysql = '<font color=green>[√]On</font>';
    } else {
        $sp_mysql = '<font color=red>[×]Off</font>';
    }

    // True when the mysqli extension is missing.
    $sp_mysql_err = ($sp_mysql == '<font color=red>[×]Off</font>');

    // Paths handed to the template for its write-permission checks; a trailing "/*" is
    // presumably the template's marker for "including sub-directories" - confirm there.
    $sp_testdirs = array(
        '/',
        '/plus/*',
        '/dede/*',
        '/data/*',
        '/a/*',
        '/install',
        '/special',
        '/uploads/*',
    );
    include './templates/step-2.html';
    exit;
}
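/*------------------------
Collect settings
function _3_WriteSeting()
------------------------*/
else if ($step == 3) {
    // Derive the site path by cutting "/install..." off the current request path.
    if (!empty($_SERVER['REQUEST_URI'])) {
        $scriptName = $_SERVER['REQUEST_URI'];
    } else {
        $scriptName = $_SERVER['PHP_SELF'];
    }

    $basepath = preg_replace("#\/install(.*)$#i", '', $scriptName);

    // NOTE(review): the Host header is chosen by the client and the scheme is fixed to
    // http://. This value is only a form default here; step 4 stores whatever base URL the
    // form submits, so validate it there rather than trusting this suggestion.
    if (!empty($_SERVER['HTTP_HOST'])) {
        $baseurl = 'http://' . $_SERVER['HTTP_HOST'];
    } else {
        $baseurl = "http://" . $_SERVER['SERVER_NAME'];
    }

    // Suggested cookie-encoding key (28-32 characters). Step 4 stores the submitted value as
    // cfg_cookie_encode, so it is drawn from the CSPRNG where PHP provides one; mt_rand() is
    // only the fallback for runtimes without random_int(). The alphabet previously repeated
    // "g" and "w" and lacked "j" and "z", which skewed the distribution.
    $chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
    $rnd_cookieEncode = '';
    $useCsprng = function_exists('random_int');
    $length = $useCsprng ? random_int(28, 32) : mt_rand(28, 32);
    $max = strlen($chars) - 1;
    for ($i = 0; $i < $length; $i++) {
        $rnd_cookieEncode .= $chars[$useCsprng ? random_int(0, $max) : mt_rand(0, $max)];
    }

    // Flag whether a non-empty demo data file has already been downloaded (see step 11).
    $isdemosign = 0;
    if (file_exists(INSTALL_DEMO_NAME) && file_get_contents(INSTALL_DEMO_NAME)) {
        $isdemosign = 1;
    }

    $module_local = DEDEDATA . '/module/';
    include './templates/step-3.html';
    exit();
}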
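/*------------------------
Standard installation
function _4_Setup()
------------------------*/
else if ($step == 4) {
    // Every $db*, $admin*, $cmspath, $baseurl, $webname, $adminmail, $cookieencode,
    // $installdemo and $modules value used below is request data that the top of this script
    // copied into global variables.
    // NOTE(review): whether those values are safe inside SQL string literals and inside the
    // generated PHP config files depends entirely on RunMagicQuotes(), which is defined
    // outside this file - confirm what it escapes. Quote escaping does not protect
    // identifier positions (database name, table prefix, charset); an allowlist check on
    // those before first use is the robust fix.

    // Fixed after the request import, so a request cannot change it. The former sqlite
    // branches could never run (and referenced an undefined $db), so they were removed.
    $dbtype = 'mysql';

    // Since PHP 8.1 mysqli throws exceptions by default; this code checks return values
    // ("or die"), so restore the return-value behaviour it was written for.
    mysqli_report(MYSQLI_REPORT_OFF);

    $conn = mysqli_connect($dbhost, $dbuser, $dbpwd) or die("<script>alert('数据库服务器或登录密码无效，\\n\\n无法连接数据库，请重新设定！');history.go(-1);</script>");

    // Backticks inside the name are doubled so the value stays a single quoted identifier.
    mysqli_query($conn, "CREATE DATABASE IF NOT EXISTS `" . str_replace('`', '``', $dbname) . "`;");

    mysqli_select_db($conn, $dbname) or die("<script>alert('选择数据库失败，可能是你没权限，请预先创建一个数据库！');history.go(-1);</script>");

    // Read the server version and keep "major.minor".
    $rs = mysqli_query($conn, "SELECT VERSION();");
    $row = mysqli_fetch_array($rs);
    $mysqlVersions = explode('.', trim($row[0]));
    $mysqlVersion = $mysqlVersions[0] . "." . $mysqlVersions[1];

    // NOTE(review): $dblang is request data used as a charset name here and in the DDL
    // below; restrict it to the charsets the form offers.
    mysqli_query($conn, "SET NAMES '$dblang',character_set_client=binary,sql_mode='';");

    // Load the two config templates shipped next to this script.
    $configStr1 = file_get_contents(dirname(__FILE__) . "/common.inc.php");
    $configStr2 = file_get_contents(dirname(__FILE__) . "/config.cache.inc.php");

    // common.inc.php
    // NOTE(review): the placeholders are replaced with request data and the result is saved
    // as PHP source. The quoting context lives in the template file, which is not visible
    // here; validate each value against an allowlist (or emit it with var_export()) so the
    // written file can only ever contain string data.
    $configStr1 = str_replace("~dbtype~", $dbtype, $configStr1);
    $configStr1 = str_replace("~dbhost~", $dbhost, $configStr1);
    $configStr1 = str_replace("~dbname~", $dbname, $configStr1);
    $configStr1 = str_replace("~dbuser~", $dbuser, $configStr1);
    $configStr1 = str_replace("~dbpwd~", $dbpwd, $configStr1);
    $configStr1 = str_replace("~dbprefix~", $dbprefix, $configStr1);
    $configStr1 = str_replace("~dblang~", $dblang, $configStr1);

    // NOTE(review): 0777 makes the directory that receives the database credentials
    // writable by every local account; tighten it after installation.
    @chmod(DEDEDATA, 0777);
    $fp = fopen(DEDEDATA . "/common.inc.php", "w") or die("<script>alert('写入配置失败，请检查../data目录是否可写入！');history.go(-1);</script>");
    fwrite($fp, $configStr1);
    fclose($fp);

    // config.cache.inc.php
    // Collapse repeated slashes and make a non-empty path start with "/".
    $cmspath = trim(preg_replace("#\/{1,}#", '/', $cmspath));
    if ($cmspath != '' && !preg_match("#^\/#", $cmspath)) {
        $cmspath = '/' . $cmspath;
    }

    if ($cmspath == '') {
        $indexUrl = '/';
    } else {
        $indexUrl = $cmspath;
    }

    $configStr2 = str_replace("~baseurl~", $baseurl, $configStr2);
    $configStr2 = str_replace("~basepath~", $cmspath, $configStr2);
    $configStr2 = str_replace("~indexurl~", $indexUrl, $configStr2);
    $configStr2 = str_replace("~cookieEncode~", $cookieencode, $configStr2);
    $configStr2 = str_replace("~webname~", $webname, $configStr2);
    $configStr2 = str_replace("~adminmail~", $adminmail, $configStr2);

    // Same content is written twice: the live cache file and its backup copy.
    file_put_contents(DEDEDATA . '/config.cache.inc.php', $configStr2);
    file_put_contents(DEDEDATA . '/config.cache.bak.php', $configStr2);

    // Table options substituted for "TYPE=MyISAM" in CREATE statements. Initialised so the
    // replacement below never reads an undefined variable on servers older than 4.1.
    $sql4tmp = '';
    if ($mysqlVersion >= 4.1) {
        $sql4tmp = "ENGINE=MyISAM DEFAULT CHARSET=" . $dblang;
    }

    // Create the tables: statements are accumulated line by line until a line ends in ";".
    $query = '';
    $fp = fopen(dirname(__FILE__) . '/sql-dftables.txt', 'r');
    while (!feof($fp)) {
        $line = rtrim(fgets($fp, 1024));
        if (preg_match("#;$#", $line)) {
            $query .= $line . "\n";
            // "#@__" is the table-prefix placeholder used throughout the SQL files.
            $query = str_replace('#@__', $dbprefix, $query);
            if (preg_match('#CREATE#i', $query)) {
                $rs = mysqli_query($conn, preg_replace("#TYPE=MyISAM#i", $sql4tmp, $query));
            } else {
                $rs = mysqli_query($conn, $query);
            }

            $query = '';
        } else if (!preg_match("#^(\/\/|--)#", $line)) {
            // Lines starting with "//" or "--" are comments and are skipped.
            $query .= $line;
        }
    }
    fclose($fp);

    // Import the default data.
    $query = '';
    $fp = fopen(dirname(__FILE__) . '/sql-dfdata.txt', 'r');
    while (!feof($fp)) {
        $line = rtrim(fgets($fp, 1024));
        if (preg_match("#;$#", $line)) {
            $query .= $line;
            $query = str_replace('#@__', $dbprefix, $query);
            $rs = mysqli_query($conn, str_replace('#~lang~#', $dblang, $query));

            $query = '';
        } else if (!preg_match("#^(\/\/|--)#", $line)) {
            $query .= $line;
        }
    }
    fclose($fp);

    // Store the submitted settings in the sysconfig table.
    // NOTE(review): values are interpolated into the statements; see the note at the top of
    // this step. Bound parameters would remove the dependency on RunMagicQuotes(), but they
    // also change what gets stored if that helper adds slashes, so switch both together.
    $cquery = "Update `{$dbprefix}sysconfig` set value='{$baseurl}' where varname='cfg_basehost';";
    mysqli_query($conn, $cquery);
    $cquery = "Update `{$dbprefix}sysconfig` set value='{$cmspath}' where varname='cfg_cmspath';";
    mysqli_query($conn, $cquery);
    $cquery = "Update `{$dbprefix}sysconfig` set value='{$indexUrl}' where varname='cfg_indexurl';";
    mysqli_query($conn, $cquery);
    $cquery = "Update `{$dbprefix}sysconfig` set value='{$cookieencode}' where varname='cfg_cookie_encode';";
    mysqli_query($conn, $cquery);
    $cquery = "Update `{$dbprefix}sysconfig` set value='{$webname}' where varname='cfg_webname';";
    mysqli_query($conn, $cquery);
    $cquery = "Update `{$dbprefix}sysconfig` set value='{$adminmail}' where varname='cfg_adminemail';";
    mysqli_query($conn, $cquery);

    // Create the administrator account.
    // NOTE(review): the password is stored as 20 characters cut from an unsalted MD5 digest
    // (and as a full unsalted MD5 in the member table below). The login code that verifies
    // these values is not in this file; migrating to password_hash() has to change both sides.
    $adminquery = "INSERT INTO `{$dbprefix}admin` VALUES (1, 10, '$adminuser', '" . substr(md5($adminpwd), 5, 20) . "', 'admin', '', '', 0, '" . time() . "', '127.0.0.1');";
    mysqli_query($conn, $adminquery);

    // Create the matching front-end member account and its related rows.
    $adminquery = "INSERT INTO `{$dbprefix}member` (`mid`,`mtype`,`userid`,`pwd`,`uname`,`sex`,`rank`,`money`,`email`, `scores` ,`matt` ,`face`,`safequestion`,`safeanswer` ,`jointime` ,`joinip` ,`logintime` ,`loginip` ) VALUES ('1','个人','$adminuser','" . md5($adminpwd) . "','$adminuser','男','100','0','','10000','10','','0','','" . time() . "','','0',''); ";
    mysqli_query($conn, $adminquery);

    $adminquery = "INSERT INTO `{$dbprefix}member_person` (`mid`,`onlynet`,`sex`,`uname`,`qq`,`msn`,`tel`,`mobile`,`place`,`oldplace`,`birthday`,`star`, `income` , `education` , `height` , `bodytype` , `blood` , `vocation` , `smoke` , `marital` , `house` ,`drink` , `datingtype` , `language` , `nature` , `lovemsg` , `address`,`uptime`) VALUES ('1', '1', '男', '{$adminuser}', '', '', '', '', '0', '0','1980-01-01', '1', '0', '0', '160', '0', '0', '0', '0', '0', '0','0', '0', '', '', '', '','0'); ";
    mysqli_query($conn, $adminquery);

    $adminquery = "INSERT INTO `{$dbprefix}member_tj` (`mid`,`article`,`album`,`archives`,`homecount`,`pagecount`,`feedback`,`friend`,`stow`) VALUES ('1','0','0','0','0','0','0','0','0');";
    mysqli_query($conn, $adminquery);

    $adminquery = "INSERT INTO `{$dbprefix}member_space`(`mid` ,`pagesize` ,`matt` ,`spacename` ,`spacelogo` ,`spacestyle`, `sign` ,`spacenews`) VALUES ('1','10','0','{$adminuser}的空间','','person','','');";
    mysqli_query($conn, $adminquery);

    // Install the demo data when the form asked for it.
    if (isset($installdemo) && $installdemo == 1) {

        if ($setupsql = file_get_contents(INSTALL_DEMO_NAME)) {
            // Every statement in this file is executed as-is. The file is produced by
            // step 11 from a remote download, so its integrity decides what runs here.
            $setupsql = preg_replace("#ENGINE=MyISAM#i", 'TYPE=MyISAM', $setupsql);
            // NOTE(review): $cfg_db_language and $rooturl are not assigned anywhere in this
            // file; unless an included file defines them they are empty or request-supplied.
            // $dblang looks like the intended charset source - confirm before changing.
            $sql41tmp = 'ENGINE=MyISAM DEFAULT CHARSET=' . $cfg_db_language;
            $setupsql = preg_replace("#TYPE=MyISAM#i", $sql41tmp, $setupsql);
            $setupsql = preg_replace("#_ROOTURL_#i", $rooturl, $setupsql);
            $setupsql = preg_replace("#[\r\n]{1,}#", "\n", $setupsql);
            $setupsql = preg_replace('/#@__/i', $dbprefix, $setupsql);
            $sqls = preg_split("#;[ \t]{0,}\n#", $setupsql);
            foreach ($sqls as $sql) {
                if (trim($sql) != '') {
                    mysqli_query($conn, $sql);
                }
            }
            // Refresh the category cache.
            UpDateCatCache();
        } else {
            die("没有体验数据包文件,请检查是否下载.");
        }
    }

    // Shown when the lock file cannot be written; step-5.html is assumed to print $errmsg,
    // as it is already handed the module-cache error below.
    $lockErr = "<font color='red'>无法写入安装锁定文件，请手动创建 install/install_lock.txt 或删除 install 目录。</font>";

    if (!isset($modules) || !is_array($modules)) {
        // No optional modules selected: lock the installer. The path is the INSLOCKFILE
        // constant that the start-up check tests; the previously used $insLockfile is never
        // assigned in this file, so it was empty or taken from the request.
        if (file_put_contents(INSLOCKFILE, 'ok') === false) {
            $errmsg = $lockErr;
        }
        include './templates/step-5.html';
        exit();
    } else {
        $module = join(',', $modules);
        $fp = fopen($moduleCacheFile, 'w');
        // Check the handle before writing; the check used to run after the writes.
        if (!$fp) {
            // The module cache cannot be written: skip module installation, lock the
            // installer and finish.
            $errmsg = "<font color='red'>由于无法写入模块缓存，安装可选模块失败，请登录后在模块管理处安装。</font>";
            if (file_put_contents(INSLOCKFILE, 'ok') === false) {
                $errmsg .= $lockErr;
            }
            include './templates/step-5.html';
            exit();
        }
        // The selection is request data written into a PHP file inside a double-quoted
        // literal, so backslash, double quote and "$" are escaped to keep it plain data.
        // NOTE(review): if RunMagicQuotes() already added slashes, a quote in the input is
        // now stored with an extra backslash; real module ids are not expected to contain
        // quotes - confirm against the consumer of this file.
        fwrite($fp, '<' . '?php' . "\r\n");
        fwrite($fp, '$selModule = "' . addcslashes($module, '\\"$') . '"; ' . "\r\n");
        fwrite($fp, '?' . '>');
        fclose($fp);
        // NOTE(review): the installer is still unlocked on this path; the lock presumably
        // gets written by module-install.php - verify that it always does.
        include './templates/step-4.html';
        exit();
    }
}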
/*------------------------
Install optional modules
function _5_SetupModule()
------------------------*/
else if ($step == 5) {
    // Module installation lives in its own script; hand the browser over to it.
    header('location:module-install.php');
    exit;
}
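/*------------------------
Check whether the database settings work
function _10_TestDbPwd()
------------------------*/
else if ($step == 10) {
    // Responds with a small HTML fragment describing the outcome of a connection attempt.
    // NOTE(review): host, user and password are request data, so while the installer is
    // unlocked this step makes the server open a MySQL connection to whatever host the
    // caller names and report the outcome. The lock file is the only thing disabling it.
    header("Pragma:no-cache\r\n");
    header("Cache-Control:no-cache\r\n");
    header("Expires:0\r\n");

    // Since PHP 8.1 mysqli throws exceptions by default; this step reports failure through
    // the return value, so restore that behaviour.
    mysqli_report(MYSQLI_REPORT_OFF);
    $conn = mysqli_connect($dbhost, $dbuser, $dbpwd);

    if ($conn) {
        if (empty($dbname)) {
            echo "<font color='green'>信息正确</font>";
        } else {
            $info = mysqli_select_db($conn, $dbname) === true ? "<font color='red'>数据库已经存在，系统将覆盖数据库</font>" : "<font color='green'>数据库不存在,系统将自动创建</font>";
            echo $info;
        }
        // Close only a live connection; closing the false returned by a failed connect
        // is an error on current PHP.
        mysqli_close($conn);
    } else {
        echo "<font color='red'>数据库连接失败！</font>";
    }
    exit();
}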
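else if ($step == 11) {
    // Download the demo data set and store it as INSTALL_DEMO_NAME for step 4.
    // UPDATEHOST is expected to come from config_update.php, which is not visible here.
    // NOTE(review): step 4 executes every statement in this file against the new database
    // and nothing here verifies what was downloaded. Confirm UPDATEHOST uses HTTPS and add
    // a checksum or signature check before the file is accepted.
    include_once '../data/admin/config_update.php';
    // $s_lang becomes part of the requested file name, so it must stay installer-controlled.
    $rmurl = UPDATEHOST."dedecms/demodata.{$s_lang}.txt";
    $sql_content = file_get_contents($rmurl);
    // Write only when something was actually fetched: a failed download no longer
    // truncates an existing file, and an unwritable target no longer reaches fwrite()
    // with an invalid handle.
    if ($sql_content !== false && $sql_content !== '' && file_put_contents(INSTALL_DEMO_NAME, $sql_content)) {
        echo '&nbsp; <font color="green">[√]</font> 存在(您可以选择安装进行体验)';
    } else {
        echo '&nbsp; <font color="red">[×]</font> 远程获取失败';
    }
    unset($sql_content);
    exit();
}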
